Polarhome Community

[h3rald]

I'm currently using smarftp windows client to connect to my openvms account (alpha)... all went amazingly fine, except that I can't chmod files!! gh!

here's what I get:

SITE CHMOD 777 HOUSEDB.TXT;1
504 SITE Unknown type.

Any idea? Any suggested ftp client for windows more compatible with openvms? thanks

[miker_alpha]

To change the protection on a file the command would be:
$ SET FILE/PROT=W:RW file.ext
(where W is one of S,O,G,W and RW stands for Read,Write.
Try HELP SET PROT)

The bad news is that AFAIK you *cannot* do this via FTP.
- Try HELP/REMOTE to see whiche remote commands are available, generally by using QUOTE in FTP

MikeR

[h3rald]

Thanks... unfortunately I don't have a shell account there, so things don't seem that easy... the "QUOTE" command is not implemented, or at least that's what I get when I input it from command like... any other ideas? Only the SITE command can be used to execute commands like "CHMOD" or stuff like that (I know chmod wouldn't work in this environment anyway...)?

[miker_alpha]

OK, so what is the original problem you are trying to solve?
Anything you put in [.Public_html] is readable by the Apache server.
Anything _not_ under [.Public_html] is not reachable by the Apache server.
All other files under your SYS$LOGIN directory are accessable only with _your_ username/password combination (excluding access by privileged users.)
I gather that CHMOD 777 will allow any access by anyone - is that what you want?

MikeR

[h3rald]

Well, for a script I require some files' permissions to be set to 777, yes, within the PUBLIC_HTML directory. Can I protect directories using the .htaccess/.htpasswd files?

[miker_alpha]

I apologize for following my own post.

If in your LOGIN.COM file on OpenVMS you put a line
$ SET PROTECTION=(W:RE) /DEFAULT !(for example)
all files you PUT from then on will have the protection you have set as default. If you want to change/create only a specific file this would be a cumbersome way of doing this, but possible...

Again: What is it you are trying to do?

MikeR

[miker_alpha]

Well, for a script I require some files' permissions to be set to 777, yes, within the PUBLIC_HTML directory. Can I protect directories using the .htaccess/.htpasswd files?

Who or what, besides Apache or yourself, can access these files - or would want to?
The [.Public_html] directory is meant for files that are to be served to the web, therefore an ACL (access control list) is set up allowing access by whatever user the web-server runs under.

MikeR

[jagar_freebsd]

Win
Internet Explorer can change the permission. No need to use clients.
login <a href='ftp://h3lard@www.polarhome.com:761/' target='_blank'>ftp://h3lard@www.polarhome.com:761/</a>
It works fine with freebsd and debian. Same for you. GL
PS: And Sure you can use htpasswd, but i didn't succeed on polarhome.
My problem was **pointing to htpasswd** and didn't recognize those hash passwords, Report it if your works okay.
Here is example:(.htaccess)
--------------------------------------
AuthType Basic
AuthName "Admin"
AuthUserFile private/users <<< here is htpasswd
Order allow,deny
Require user
Require group
Allow from 1.1.*
Deny from 127.0.*
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|png|mp3|mpg|avi|mov)$ - [F]
RewriteCond %{HTTP_HOST} ^www\.[^.]+\.domain\.com$
RewriteRule ^(.+) %{HTTP_HOST}$1 [C]
RewriteRule ^www\.([^.]+)\.domain\.com(.*) /home$1$2
RewriteCond %{HTTP_USER_AGENT} Wget [OR]
RewriteCond %{HTTP_USER_AGENT} CherryPickerSE [OR]
RewriteCond %{HTTP_USER_AGENT} CherryPickerElite [OR]
RewriteCond %{HTTP_USER_AGENT} EmailCollector [OR]
RewriteCond %{HTTP_USER_AGENT} EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ExtractorPro
RewriteRule ^.*$ deny.html [L]
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} US [NC]
RewriteRule ^index\.php$ index.us.php [L]

RewriteCond %{HTTP_USER_AGENT} ^Mozilla/[345].*Gecko*
RewriteRule ^index\.php$ netindex.php [L]

RewriteCond %{HTTP_USER_AGENT} ^Mozilla/[345].*MSIE*
RewriteRule ^index\.php$ IEindex.php [L]

RewriteCond %{HTTP_USER_AGENT} ^Mozilla/[12].* [OR]
RewriteCond %{HTTP_USER_AGENT} ^Lynx/*
RewriteRule ^index\.php$ Lynxindex.php [L]

RewriteRule ^index\.php$ index.php [L]

RewriteRule (.*) /$1 [PT]
ErrorDocument 400
ErrorDocument 401
ErrorDocument 403
ErrorDocument 404
ErrorDocument 500
DirectoryIndex admin.php
-------------------------------------------
knock your self out

[miker_alpha]

How to setup password file authentification in an .htaccess file
---------------------------------------------------------------

To find out how Basic authorization works, go to:

Code: Select all

http://www.polarhome.com:763/manual/howto/auth.html#basic


and then in your .htaccess file have a line such as

Code: Select all

AuthUserFile .httpassword  
;        must point to the password file you've created


Unfortunately to create the .htpassword on an Alpha you will need:
1. Shell access
2. access to APACHE$ROOT:[000000]HTPASSWD.EXE_ALPHA
3. sufficient privilege to run the program.

On Alpha.Polarhome it does NOT work:

$htpassword :== $APACHE$ROOT:[000000]HTPASSWD.EXE_ALPHA
$htpassword  -c .htpasswd miker
%DCL-W-ACTIMAGE, error activating image APACHE$ROOT:[000000]HTPASSWD.EXE_ALPHA
-CLI-E-IMGNAME, image file ALPHA$DKA0:[SYS0.SYSCOMMON.APACHE.][000000]HTPASSWD.EXE_ALPHA;
-RMS-E-PRV, insufficient privilege or file protection violation

Possibly a password file copied from a different system would work...

Note that adding password protection would limit access to your directory, not allow added access. Is this what you want?

MikeR

P.S. I have access to an account on an Alpha, and could create such a file for you, but then I would know your chosen password. *Bad security*!!

[jagar_freebsd]

Will see many generator pages online. . .
Here is one example : <a href='http://www.euronet.nl/~arnow/htpasswd/' target='_blank'>htpasswd generator</a>
also htaccess : <a href='http://www.bitesizeinc.net/project/htaccesser' target='_blank'>download web based htaccess generator</a>

[miker_alpha]

Well the line in .htaccess for me (username MikeR) would be:

Code: Select all

AuthUserFile /dka200/home/m/miker/public_html/.htpassword


if I put the password file in my [.Public_HTML] directory. I imagine you should change the 'm' to the first letter of your username, and change 'miker' to your username, of course.

As a default, Apache is defined not to show .ht* files, so that should be safe...

For a sample .htpassword file, try

Code: Select all

aladin:LgpeHXALVaZ7I


Username: aladin (lowecase)
password: SESAME (uppercase)

and a sample entry in .htaccess:

Code: Select all

AuthType Basic
AuthName "Testing...Try: aladin (lowercase)"
AuthUserFile /dka???/username/public_html/.htpasswd
Require valid-user


both copied from a working Alpha OpenVMS example, only the
'/dka???/username/' changed to protect the guilty

HTH
MikeR

[miker_alpha]

Once again folowing on to my own post:

I created a subdirectory ( [.Public_HTML.Test]) under my own user on Alpha.Polarhome, but was *not* able to access it until I created an INDEX.HTML file in the subdirectory; i.e. file listings are not enabled.

The .HTACCESS and .HTPASSWORD file still do not work. I think the reason is as follows:

On a system where the .HTPASSWORD file works, in the server configuration, I see:

    <Directory /dka0/*/public_html>
      AllowOverride FileInfo AuthConfig Limit
      Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    </Directory>

Note: DKA0 is the relevant disk.

Whereas on Alpha.Polarhome I see:

    <Directory /home/*/*/public_html>
      AllowOverride FileInfo AuthConfig Limit
      Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    </Directory>

I think it should be:

Code: Select all

<Directory /dka200/home/*/*/public_html>

To Zoli (or alpha webmaster) : Is this correct, and is this the desired effect?

MikeR

[DenisF]

File listings are always checked prior to .htaccess files. [afaik]

add "Options +Indexes" in .htaccess and you should get the password prompt prior to getting the dir listing.

[miker_alpha]

@DenisF:

add "Options +Indexes" in .htaccess and you should get the password prompt prior to getting the dir listing.

Tried that; With existing INDEX.HTML, I just saw the INDEX page (i.e. the minimal INDEX.HTML) When I renamed INDEX.HTML to INDEX.TXT I got a 403 error (forbidden...)

The .HTACCESS file now looks like:

Code: Select all

Options +Indexes
AuthType Basic
AuthName "Testing...Try: aladin / SESAME"
AuthUserFile /dka200/home/m/miker/public_html/test/.htpasswd
Require valid-user

but no cigar, yet.

I will do some tests on the Alpha I have access to. Unfortunately I am not allowed to open it to outside access. Pity...

MikeR

[DenisF]

Hm weird, maybe httpd.conf is overriding the +Indexes?

BTW
@hp.com email.. heh.. i'm impressed
If i may ask, are you doing some kind of official work for them?

ow and your website url in your sig is pointing to "www ... :763:/~miker/" (note the extra ":")
just an FYI

[miker_alpha]

maybe httpd.conf is overriding the +Indexes?

As I understand it, the configuration in HTTPD.CONF is:

    <Directory />
      Options FollowSymLinks
      AllowOverride None
    </Directory>

which sets the defaults for the entire webserver tree (from "/" on down) and because of the missing "/dka200" in

    </Directory>
    <Directory /home/*/*/public_html>
      AllowOverride FileInfo AuthConfig Limit
      Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    </Directory>

the AllowOverride directive does not take effect.

Yep, I work for HP in Ra'anana - OpenVMS support. Some Apache, also, but not terribly complicated.
(DenisF: maybe we could just phone )
I'll look for the .hp addy on the page, and change it - the page is a partial copy of something I have at work :kwasny:

Hopefully I fixed the sig URL. Thanks for noticing.

MikeR

[miker_alpha]

To add to my last reply:

I checked on an OpenVMS Alpha server running Apache :

When I put <Directory /*/public_html> (equivalent to the current line on Alpha.Polarhome) I saw the same effects: Did'nt require a password.
Whan I had <Directory /dka0/*/public_html> it worked as expected.

I guess it's up to Zoli or whoever plays webmaster on the alpha to make the change, and then do:
@SYS$STARTUP:APACHE$STARTUP RESTART
This should cause the webserver software to re-read configuration files.

And to the O.P. SOL... meanwhile.

MikeR

[DenisF]

Damn.. you're good.. real good..

i'll try to get Z to take a look here, he's kinda busy right now [can't disclose details, pardon] but that looks like something that needs to be taken care of

[miker_alpha]

/me takes a bashful bow...
Its in my job description: problem solving... :rolleyes:

MikeR

[miker_alpha]

more manifestations of (I think) the same problem:
go to:

Code: Select all

http://www.polarhome.com:763/~miker/cgi-bin/seeacc.com

Note for non-VMS users: Under VMS the extention .COM is the equivalent of a shell script.

This is a script that works on a few (four, IIRC) different Apache OpenVMS webservers. Here, instead of the script's output, I see the code.
Admittedly, on those Apache servers I have privilege, so I put the script in APACHE$ROOT:[CGI-BIN] - but the behaviour should be the same...

As I said: I <span style='color:red'>THINK</span> this is because subdirectory [.CGI-BIN] is not defined as a Script directory;
Or maybe (specifically for OpenVMS Apache:

Code: Select all

AddHandler cgi-script   .com

Has anyone managed to access an executable/script/whatever in their [.CGI-BIN] subdirectory on Alpha.Polarhome?

MikeR